When a connection is established, the initial sequence number or ISN is initialized to 1. This ISN number is then incremented by 128,000 every second. There is a certain patter according to which the sequence numbers increment or change which makes then easy to predict.
To successfully perform IP spoofing or in order to predict Sequence Numbers, you need to be running a form of UNIX, as Windows does not provide the users with access to really advanced system stuff. Without a form of Unix IP Spoofing is almost impossible to do.
This text is not the ultimate guide to IP Spoofing and was aimed at only giving you a general outline of the whole process. Sequence number Prediction is really, really sophisticated and difficult to understand, but not impossible to do. However a system administrator can easily save his systems from IP spoofing and this
you read IP Spoofing Demystified by daemon9/route/infinity which was a part of Issue 48 of PHRACK
magazine, File 14 of 18. Go to the Archive Section of their site, http://www.phrack.com and click on Issue 48.
This brings me to the other purpose people use IP Spoofing, IP Masking. Now to something as simple as mask or hide your IP you do not need to go through the complex procedure of guessing sequence numbers and performing IP Spoofing. There are proxy servers to do that for you. Read the Net Tools chapter for further details.
Port Scanning in Networking Terms
Earlier we learnt what a Port scan is why it is considered to be such a important tool of getting information about the remote host, which in turn can be used to exploit any vulnerabilities and break into the system. We all know how a manual Port Scan works. You launch Telnet and manually Telnet to each Port jotting down information that you think is important. In a manual Port Scan, when you telnet to a port of a remote host, a full three way handshake takes place, which means that a complete TCP connection opens.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment